Whether it’s domestic instant payment schemes or cross-border rails designed to remove friction, real-time and near instant transfers have become the norm. For customers, the benefits are obvious – speed, convenience and availability from banks around the clock. But there’s also a benefit for fraudsters, writes Ruud Grotens, Head of Risk Solutions Consulting – Cyber Fraud and Risk Management, at the business payments product firm, Bottomline.
When funds move in seconds rather than hours or days, the margin for fraud intervention all but disappears. Criminals know this, and they can exploit the narrow window between payment authorisation and settlement, striking before traditional controls can respond. That said, modern real-time controls and shared intelligence can materially cut this risk if and when deployed well.
Speed has shifted the risk equation
Historically, delays in payment processing gave banks time to spot unusual activity and investigate fraud, but real-time payments remove that buffer. Once a transaction is approved, it can take only moments for the money to be unrecoverable, and this is often outside normal business hours and across borders.
This challenge is not limited to one market. In the UK, mandatory reimbursement for Authorised Push Payment (APP) fraud has placed new operational and financial pressures on banks, especially during high-volume payout periods that have become predictable targets for criminals. In contrast, the US operates without a universal reimbursement mandate, leaving institutions to manage their own fraud risk amid heightened regulatory, reputational and customer expectations.
The underlying issue is the same in both cases as criminals are adapting faster than individual banks can keep up on their own.
Criminal networks collaborate – financial institutions must do the same
Fraud is not isolated as organised groups work together, share tactics, test bank controls and improve their methods using automation, social engineering, and AI. PwC research shows that banks believe they trail these fraudsters by weeks or even months, and this is where a shift in mindset is needed from financial institutions. Fraud prevention can no longer be treated as a purely competitive capability and must become a collective one instead.
While no single financial institution has a complete view of fraud activity, the industry as a collective does. By sharing early indicators of scams and emerging attack patterns, financial institutions can disrupt fraud before losses occur. Shared intelligence allows banks to identify risks earlier in the payment lifecycle, particularly at the point of authorisation – the last meaningful opportunity to stop a fraudulent transaction.
Encouragingly, this approach is already taking shape. Swift worked with 13 banks to test ways of spotting fraud without sharing raw customer data, using secure privacy tech and an AI model that ‘travels’ to each bank to learn locally. That shared approach picked up twice as many known frauds as a single bank working alone. In the UK, Stop Scams UK is helping banks team up with tech and telecom firms to share real-time scam indicators and block attacks at source.
Further abroad, India’s Reserve Bank is building a Digital Payment Intelligence platform for real‑time inter‑bank intelligence sharing, Latvia’s central bank and Finance Latvia Association have issued sector guidelines for real‑time fraud data sharing, and in the Netherlands the TMNL initiative was wound down over GDPR [data protection] and new AMLR [anti money laundering] concerns with PSD3 and the PSR now setting a clearer legal basis for targeted data exchange.
These cross-sector initiatives demonstrate that collaboration across banks, fintechs and payment networks can trace and block fraud across channels.
Intelligence sharing is essential, but so is the need to respect data protection laws, customer privacy, and regional regulatory requirements. The challenge for financial institutions becomes sharing useful information quickly without risking sensitive data or breaking rules – and this requires secure frameworks, clear governance, and agreed standards for what is shared, how it is anonymised, and how it is used.
Layered controls remain essential
Fraud detection should be built into every stage of the payment journey starting before a payment is initiated, at the point of authorisation, and after funds move. That means using early signals like identity and device checks, applying real-time risk scoring and screening when the payment is approved, and continuing to monitor for mule activity or network anomalies. Combine this with intelligence sharing between institutions, and you create a stronger defence without slowing down the payment experience.
As real-time payments become the norm, the institutions best positioned to protect customers will be those that balance speed with strong defences. That means combining layered security controls with a willingness to collaborate, rather than trying to tackle threats alone.
